You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by rm...@apache.org on 2019/12/19 04:13:08 UTC

[lucene-solr] branch branch_8x updated: SOLR-14085: remove solr fork of lucene test securitymanager

This is an automated email from the ASF dual-hosted git repository.

rmuir pushed a commit to branch branch_8x
in repository https://gitbox.apache.org/repos/asf/lucene-solr.git


The following commit(s) were added to refs/heads/branch_8x by this push:
     new 04e306f  SOLR-14085: remove solr fork of lucene test securitymanager
04e306f is described below

commit 04e306f616bb191c67ee4e241ce7c3bb68477a97
Author: Robert Muir <rm...@apache.org>
AuthorDate: Wed Dec 18 23:06:09 2019 -0500

    SOLR-14085: remove solr fork of lucene test securitymanager
---
 solr/common-build.xml                              |  5 --
 .../org/apache/solr/util/SolrSecurityManager.java  | 93 ----------------------
 2 files changed, 98 deletions(-)

diff --git a/solr/common-build.xml b/solr/common-build.xml
index d06fa2f..7b88395 100644
--- a/solr/common-build.xml
+++ b/solr/common-build.xml
@@ -152,11 +152,6 @@
     </sequential>
   </macrodef>
 
-  <!-- turn on security manager? -->
-  <condition property="java.security.manager" value="org.apache.solr.util.SolrSecurityManager">
-    <istrue value="${tests.useSecurityManager}"/>
-  </condition>
-
   <target name="validate" depends="compile-tools">
   </target>
 
diff --git a/solr/test-framework/src/java/org/apache/solr/util/SolrSecurityManager.java b/solr/test-framework/src/java/org/apache/solr/util/SolrSecurityManager.java
deleted file mode 100644
index a46da6c..0000000
--- a/solr/test-framework/src/java/org/apache/solr/util/SolrSecurityManager.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.solr.util;
-
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-
-/**
- * A {@link SecurityManager} that prevents tests calling {@link System#exit(int)}.
- * Only the test runner itself is allowed to exit the JVM.
- * All other security checks are handled by the default security policy.
- * <p>
- * Use this with {@code -Djava.security.manager=org.apache.solr.util.SolrSecurityManager}.
- */ 
-public final class SolrSecurityManager extends SecurityManager {
-  
-  static final String JUNIT4_TEST_RUNNER_PACKAGE = "com.carrotsearch.ant.tasks.junit4.";
-  static final String ECLIPSE_TEST_RUNNER_PACKAGE = "org.eclipse.jdt.internal.junit.runner.";
-  static final String IDEA_TEST_RUNNER_PACKAGE = "com.intellij.rt.execution.junit.";
-
-  /**
-   * Creates a new SolrSecurityManager. This ctor is called on JVM startup,
-   * when {@code -Djava.security.manager=org.apache.lucene.util.TestSecurityManager}
-   * is passed to JVM.
-   */
-  public SolrSecurityManager() {
-    super();
-  }
-
-  /**
-   * {@inheritDoc}
-   * <p>This method inspects the stack trace and checks who is calling
-   * {@link System#exit(int)} and similar methods
-   * @throws SecurityException if the caller of this method is not the test runner itself.
-   */
-  @Override
-  public void checkExit(final int status) {
-    AccessController.doPrivileged(new PrivilegedAction<Void>() {
-      @Override
-      public Void run() {
-        final String systemClassName = System.class.getName(),
-            runtimeClassName = Runtime.class.getName();
-        String exitMethodHit = null;
-        for (final StackTraceElement se : Thread.currentThread().getStackTrace()) {
-          final String className = se.getClassName(), methodName = se.getMethodName();
-          if (
-            ("exit".equals(methodName) || "halt".equals(methodName)) &&
-            (systemClassName.equals(className) || runtimeClassName.equals(className))
-          ) {
-            exitMethodHit = className + '#' + methodName + '(' + status + ')';
-            continue;
-          }
-          
-          if (exitMethodHit != null) {
-            if (className.startsWith(JUNIT4_TEST_RUNNER_PACKAGE) || 
-                className.startsWith(ECLIPSE_TEST_RUNNER_PACKAGE) ||
-                className.startsWith(IDEA_TEST_RUNNER_PACKAGE)) {
-              // this exit point is allowed, we return normally from closure:
-              return /*void*/ null;
-            } else {
-              // anything else in stack trace is not allowed, break and throw SecurityException below:
-              break;
-            }
-          }
-        }
-        
-        if (exitMethodHit == null) {
-          // should never happen, only if JVM hides stack trace - replace by generic:
-          exitMethodHit = "JVM exit method";
-        }
-        throw new SecurityException(exitMethodHit + " calls are not allowed because they terminate the test runner's JVM.");
-      }
-    });
-    
-    // we passed the stack check, delegate to super, so default policy can still deny permission:
-    super.checkExit(status);
-  }
-
-}